First-Start, Limitations, Decrypting
After roughly eight hours of encryption time, the system was ready to be restarted, now fully encrypted using the AES algorithm. Once rebooted, the TrueCrypt 6.1 boot loader prompts for your master password, which we defined during the installation process.
While we entered the password we immediately found a limitation: there is only one master password for the entire system. This means that it is not possible to create multiple, differently-encrypted system installations that are based on different passwords. As a result, any user with access to the decryption password will have access to the Windows installation—and possibly also to data from other users.
Although the solution is clearly geared for only one user per encrypted system, it is easy to handle, and consequently, it is as simple to be removed as it was to be deployed. Simply launch the TrueCrypt main program and select the decryption feature to initiate removal of the software. This worked well and was faster than the encryption.
We will discuss our benchmark results on the following pages, but here are some basic issues that have an influence on performance:
- The encryption process takes longer if you deploy multiple algorithms.
- System performance can be noticeably slower if you deploy multiple algorithms.
- If you have a fast hard drive—preferably a flash SSD—and a fast processor with two or more cores, TrueCrypt will work in the background really smoothly until you start working with applications that move a lot of data to or from the hard drive.
- Quad-core processors do have substantial advantages over dual-core processors if you require high performance.
- You may need a RAID array or fast flash SSDs to avoid bandwidth bottlenecks during encryption/decryption on fast multi-core processors.
Now let’s look at some results.